Score:0

RoundCube install in parallel: Connection to storage server failed

gb flag

I need upgrade and split Centos 6.3, RoundCube 0.7.2 and Dovecot 2.0.9. Apache link is old.mydomain.

IMAP section: $rcmail_config['default_host'] = 'localhost';

Dovecot authenticate against Microsoft Active Directory.

I've install RoundCube 1.4.12 LTE on separate Centos 7 server.

IMAP section: $config['default_host'] = 'ssl://old.mydomain' or IP;

I would like setup and test RoundCube in parallel. Then I will stop Apache on old.mydomain and rename Apache link from new.mydomain to old.mydomain.

My new installation test with standalone Postfix servet is OK, but connection to Dovecot with default sets fails with error on web browser:

Connection to storage server failed

errors.log:

Could not connect to ssl://IP or old.mydomain:143 or 993 ... Unknown reason

ADD: I've try log with false user and/or password. Result exactly the same. And any logs in Dovecot server side.

$config['imap_conn_options'] = array(
  'ssl'         => array(
     'verify_peer'  => true,
     'verify_depth' => 3,
     'cafile'       => '/etc/pki/tls/domain.crt',
     'local_pk'       => '/etc/pki/tls/private/domain.key',
   ),
 );

old> openssl s_client -connect old.mydomain:993 -crlf -quiet

depth=0 CN = *.mydomain
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = *.mydomain
verify error:num=21:unable to verify the first certificate
verify return:1
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
user name@mydomain
user BAD Error in IMAP command received by server.

Check new.mydomain> telnet old.mydomain 143

Trying 192.168.1.1...
Connected to old.mydomain.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE START TLS LOGINDISABLED] Dovecot ready.
a login mymail@mydomain Passwd
* BAD [ALERT] Plaintext authentication not allowed without SSL/TLS, but your client did it anyway. If anyone was listening, the password was exposed.
a NO [PRIVACYREQUIRED] Plaintext authentication disallowed on non-secure (SSL/TLS) connections.
c list "" *
c BAD Error in IMAP command received by server.
e logout
e OK Logout completed.
Connection closed by foreign host.

Next. Allow insecure POP3/IMAP connections

disable_plaintext_auth=no
ssl=yes

new.mydomain> telnet old.mydomain 143

Trying 192.168.1.1...
Connected to old.mydomain.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
a login mymail@mydomain Passwd
a OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS] Logged in
c list "" *
* LIST (\HasNoChildren) "." "Sent"
* LIST (\HasNoChildren) "." "INBOX"
c OK List completed.
e logout
e OK Logout completed.
Connection closed by foreign host.

Roundcube modify config

IMAP section: $config['default_host'] = 'old.mydomain';

And RoundCube IMAP no error. Does POP connection from outlook to Dovecot remains most secure or become plain and dangeraus?

So, question remains open. What to do with error "Connection to storage server failed"

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.